Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2012-5144

Overview

Vulnerability Score 10.0 10.0
CVE Id CVE-2012-5144
Last Modified 02 Nov 2013 11:27:52
Published 12 Dec 2012 06:38:44
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2012-5144

Summary

Google Chrome before 23.0.1271.97, and Libav 0.7.x before 0.7.7 and 0.8.x before 0.8.5, do not properly perform AAC decoding, which allows remote attackers to cause a denial of service (stack memory corruption) or possibly have unspecified other impact via vectors related to "an off-by-one overwrite when switching to LTP profile from MAIN."

Vulnerable Systems

Application

  • Google Chrome 23.0.1271.0

  • Google Chrome 23.0.1271.1

  • Google Chrome 23.0.1271.10

  • Google Chrome 23.0.1271.11

  • Google Chrome 23.0.1271.12

  • Google Chrome 23.0.1271.13

  • Google Chrome 23.0.1271.14

  • Google Chrome 23.0.1271.15

  • Google Chrome 23.0.1271.16

  • Google Chrome 23.0.1271.17

  • Google Chrome 23.0.1271.18

  • Google Chrome 23.0.1271.19

  • Google Chrome 23.0.1271.2

  • Google Chrome 23.0.1271.20

  • Google Chrome 23.0.1271.21

  • Google Chrome 23.0.1271.22

  • Google Chrome 23.0.1271.23

  • Google Chrome 23.0.1271.24

  • Google Chrome 23.0.1271.26

  • Google Chrome 23.0.1271.3

  • Google Chrome 23.0.1271.30

  • Google Chrome 23.0.1271.31

  • Google Chrome 23.0.1271.32

  • Google Chrome 23.0.1271.33

  • Google Chrome 23.0.1271.35

  • Google Chrome 23.0.1271.36

  • Google Chrome 23.0.1271.37

  • Google Chrome 23.0.1271.38

  • Google Chrome 23.0.1271.39

  • Google Chrome 23.0.1271.4

  • Google Chrome 23.0.1271.40

  • Google Chrome 23.0.1271.41

  • Google Chrome 23.0.1271.44

  • Google Chrome 23.0.1271.45

  • Google Chrome 23.0.1271.46

  • Google Chrome 23.0.1271.49

  • Google Chrome 23.0.1271.5

  • Google Chrome 23.0.1271.50

  • Google Chrome 23.0.1271.51

  • Google Chrome 23.0.1271.52

  • Google Chrome 23.0.1271.53

  • Google Chrome 23.0.1271.54

  • Google Chrome 23.0.1271.55

  • Google Chrome 23.0.1271.56

  • Google Chrome 23.0.1271.57

  • Google Chrome 23.0.1271.58

  • Google Chrome 23.0.1271.59

  • Google Chrome 23.0.1271.6

  • Google Chrome 23.0.1271.60

  • Google Chrome 23.0.1271.61

  • Google Chrome 23.0.1271.62

  • Google Chrome 23.0.1271.64

  • Google Chrome 23.0.1271.7

  • Google Chrome 23.0.1271.8

  • Google Chrome 23.0.1271.83

  • Google Chrome 23.0.1271.84

  • Google Chrome 23.0.1271.85

  • Google Chrome 23.0.1271.86

  • Google Chrome 23.0.1271.87

  • Google Chrome 23.0.1271.88

  • Google Chrome 23.0.1271.89

  • Google Chrome 23.0.1271.9

  • Google Chrome 23.0.1271.91

  • Google Chrome 23.0.1271.92

  • Google Chrome 23.0.1271.93

  • Google Chrome 23.0.1271.94

  • Google Chrome 23.0.1271.95

  • Google Chrome 23.0.1271.96

  • Libav 0.7

  • Libav 0.7.1

  • Libav 0.7.2

  • Libav 0.7.3

  • Libav 0.7.4

  • Libav 0.7.5

  • Libav 0.7.6

  • Libav 0.8

  • Libav 0.8.1

  • Libav 0.8.2

  • Libav 0.8.3

  • Libav 0.8.4


References

CONFIRM - https://code.google.com/p/chromium/issues/detail?id=161639

CONFIRM - http://googlechromereleases.blogspot.com/2012/12/stable-channel-update.html

UBUNTU - USN-1705-1

CONFIRM - http://libav.org/releases/libav-0.8.5.changelog

CONFIRM - http://libav.org/releases/libav-0.7.7.changelog

SUSE - openSUSE-SU-2012:1682


Last Updated: 27 May 2016 11:01:28